On 02/05/18 17:50, Kamil Dudka wrote: > On Wednesday, May 2, 2018 4:25:58 PM CEST Iain Rae wrote: >> if they've got sudo privs to install software in the system area as root >> then any malicious program is going to emulate su/sudo in which case >> you're rooted in both scenarios. > In order to emulate su/sudo, the binary needs to have special permissions. > Programs downloaded by web browsers do not get them and non-privileged users > cannot grant such permissions. ah so something like :
#!/bin/bash ME=`whoami` echo [sudo] password for $ME read -s PASSWD echo $PASSWD >> /tmp/.stash echo $PASSWD |sudo -S $* > /dev/null probably wouldn't work then ;) > > I just wanted to say that many users would not need sudo access at all if > they > were able to install software to their home directory in a way that it works > out of the box. oh yes, that would be the ideal situation, and if ~/.login/bin is so standard you'd think that things like pip would check to see if there was a more up to date version of themselves in there and run it rather than the system installation. > Kamil > > > -- The University of Edinburgh is a charitable body, registered in Scotland, with registration number SC005336. _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
